DEV Community

Pacharapol Withayasakpunt
Pacharapol Withayasakpunt

Posted on


What is required or should be done, according to PDPA / GDPR?

I know GDPR might be enforced in EU, but what about your local variations? (And what about US?)

Most commonly seen are cookies. I believe it should not be only Accept or Decline, but detailed with fine tuning. (But how fine-tuned should it be?)

Another thought is, personalizations (and recommendations) should be able to be turned off, including search engines.

Top comments (1)

lexlohr profile image
Alex Lohr

Actually, the question is: what mustn't be done. You may not compromise the privacy of the user or make him identifyable to yourself or a third party, either by name or a unique property except if he explicitly gives his consent.

How far you allow the user to give a detailed consent is your own choice (the best way to handle this IMO is [No consent*] [Fine-tuned consent] [Full consent]), but at least you must provide sufficient data on whom the information is shared with if third parties are involved, otherwise a conscious consent to share the information cannot be given.

* if your page or web app requires a log in, you should obviously exclude that from the no consent rule, but make it obvious that the choice for the user is either to allow for the login our leave your service.

An Animated Guide to Node.js Event Loop

Node.js doesn’t stop from running other operations because of Libuv, a C++ library responsible for the event loop and asynchronously handling tasks such as network requests, DNS resolution, file system operations, data encryption, etc.

What happens under the hood when Node.js works on tasks such as database queries? We will explore it by following this piece of code step by step.